Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/uLKdMetIeyjr8DwOg8n1_tR_m4k.roa
File:                     uLKdMetIeyjr8DwOg8n1_tR_m4k.roa (raw, json)
Hash identifier:          888KQ3HQVkNvCYA57lL4yA3vENltU0QAOE6s6RKoSZA=
Subject key identifier:   B8:B2:9D:31:EB:48:7B:28:EB:F0:3C:0E:83:C9:F5:FE:D4:7F:9B:89
Certificate issuer:       /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial:       0EB0
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/uLKdMetIeyjr8DwOg8n1_tR_m4k.roa
Signing time:             Wed 05 Jul 2023 09:36:30 +0000
ROA not before:           Wed 05 Jul 2023 09:36:30 +0000
ROA not after:            Wed 06 Sep 2023 03:00:35 +0000
asID:                     63199
IP address blocks:        150.116.4.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3760 (0xeb0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
        Validity
            Not Before: Jul  5 09:36:30 2023 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=B8B29D31EB487B28EBF03C0E83C9F5FED47F9B89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4e:b0:2e:67:b2:73:e8:e1:06:b3:1c:f7:ae:
                    ba:f4:db:ba:95:d1:b8:59:1c:0b:3b:be:c5:ea:75:
                    a7:70:35:b0:3d:8f:76:97:c7:72:5a:a3:23:30:8b:
                    02:c7:c2:1f:09:15:f4:51:ce:36:ff:75:ae:ed:ac:
                    f3:54:5c:aa:49:69:a2:ea:ed:47:4d:ea:bf:9f:a5:
                    2f:29:15:25:0f:96:c9:f5:a2:42:ba:55:44:8c:01:
                    9e:85:40:44:51:33:e0:2a:80:a5:a9:0d:cd:9f:50:
                    46:1a:00:3d:8e:b7:20:bd:18:40:9a:65:d1:e1:e1:
                    67:1a:ff:30:63:3c:e6:d4:42:85:67:e5:b1:94:63:
                    af:4a:5a:fa:14:fc:a0:05:e1:f0:9d:98:b7:72:29:
                    f8:5e:af:8d:53:ae:98:24:1a:4e:57:85:4f:c1:13:
                    84:7f:44:f2:2e:6a:ac:a4:68:0e:65:e9:c1:12:9c:
                    ca:ce:46:98:74:bc:a5:9d:0d:d7:d8:ec:76:45:f4:
                    ae:fb:7a:88:1d:ac:af:77:93:ec:62:1c:26:fe:0c:
                    cf:97:bf:5c:b7:77:e6:19:7d:3a:34:41:32:77:6d:
                    17:86:05:81:ed:8b:e0:a1:36:01:2b:e0:0c:01:77:
                    16:ce:76:7c:06:33:8b:15:9f:47:58:1a:1b:48:78:
                    f3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B2:9D:31:EB:48:7B:28:EB:F0:3C:0E:83:C9:F5:FE:D4:7F:9B:89
            X509v3 Authority Key Identifier:
                keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/uLKdMetIeyjr8DwOg8n1_tR_m4k.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.116.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:9c:91:e7:53:ef:15:ce:a2:37:4d:20:33:f4:85:2d:ff:1e:
         30:e8:8f:51:d3:e6:f8:d7:d7:da:c6:73:fe:1c:42:a9:0f:cf:
         b1:ae:23:6a:05:25:df:2d:4f:f4:3d:76:a3:f1:3a:dd:63:cd:
         72:28:0c:17:35:4d:fc:f2:a5:33:e6:1e:28:46:90:34:a5:c5:
         52:bd:52:e7:b7:ea:92:ae:65:41:7e:7e:78:dc:4a:7b:0d:69:
         9a:44:df:31:f1:04:d4:15:e9:65:36:a8:e8:c0:bc:df:1e:69:
         f5:ae:0c:6c:09:c2:0f:98:72:31:fb:3b:9b:83:40:8b:8e:91:
         f7:a0:86:8d:9d:94:2b:b0:5b:df:90:54:24:f9:71:93:ad:a7:
         ca:6f:f5:3d:a5:a8:c0:d9:48:80:6e:39:16:1d:71:60:d5:0f:
         a1:e2:9f:7b:ae:41:67:1c:71:f2:1f:b7:b9:45:14:ea:4c:fc:
         2b:6a:20:c0:e0:ad:1e:1a:79:e3:7a:1b:48:be:2b:02:76:f6:
         44:02:77:e1:57:6b:51:a7:24:31:c0:cf:10:3e:03:86:8b:7b:
         e0:a5:3a:d1:3a:2e:75:78:a5:c0:f0:ed:44:8c:0c:a3:48:80:
         54:e7:a6:79:e1:ba:4d:ea:4e:2a:cb:4d:fb:5e:db:03:9b:f9:
         d4:0f:28:2d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDrAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA3MDUw
OTM2MzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEI4QjI5RDMxRUI0ODdC
MjhFQkYwM0MwRTgzQzlGNUZFRDQ3RjlCODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2TrAuZ7Jz6OEGsxz3rrr027qV0bhZHAs7vsXqdadwNbA9j3aX
x3JaoyMwiwLHwh8JFfRRzjb/da7trPNUXKpJaaLq7UdN6r+fpS8pFSUPlsn1okK6
VUSMAZ6FQERRM+AqgKWpDc2fUEYaAD2OtyC9GECaZdHh4Wca/zBjPObUQoVn5bGU
Y69KWvoU/KAF4fCdmLdyKfher41TrpgkGk5XhU/BE4R/RPIuaqykaA5l6cESnMrO
Rph0vKWdDdfY7HZF9K77eogdrK93k+xiHCb+DM+Xv1y3d+YZfTo0QTJ3bReGBYHt
i+ChNgEr4AwBdxbOdnwGM4sVn0dYGhtIePO5AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUuLKdMetIeyjr8DwOg8n1/tR/m4kwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy91TEtkTWV0SWV5anI4
RHdPZzhuMV90Ul9tNGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnQEMA0GCSqGSIb3DQEBCwUAA4IBAQA3nJHnU+8VzqI3TSAz9IUt/x4w6I9R
0+b419faxnP+HEKpD8+xriNqBSXfLU/0PXaj8TrdY81yKAwXNU388qUz5h4oRpA0
pcVSvVLnt+qSrmVBfn543Ep7DWmaRN8x8QTUFellNqjowLzfHmn1rgxsCcIPmHIx
+zubg0CLjpH3oIaNnZQrsFvfkFQk+XGTrafKb/U9pajA2UiAbjkWHXFg1Q+h4p97
rkFnHHHyH7e5RRTqTPwraiDA4K0eGnnjehtIvisCdvZEAnfhV2tRpyQxwM8QPgOG
i3vgpTrROi51eKXA8O1EjAyjSIBU56Z54bpN6k4qy037XtsDm/nUDygt
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org